Lucene search

[email protected]NVD:CVE-2009-1125

HistoryJun 10, 2009 - 6:30 p.m.

CVE-2009-1125

2009-06-1018:30:00

CWE-20

[email protected]

web.nvd.nist.gov

CVSS2

7.2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

AI Score

6.2

Confidence

Low

EPSS

Percentile

0.4%

JSON

The kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 SP2 does not properly validate an argument to an unspecified system call, which allows local users to gain privileges via a crafted application, aka “Windows Driver Class Registration Vulnerability.”

Affected configurations

Nvd

Node

microsoftwindows_2000sp4

microsoftwindows_server_2003sp2

microsoftwindows_server_2008x32

microsoftwindows_server_2008x64

microsoftwindows_server_2008sp2itanium

microsoftwindows_server_2008Matchsp2x32

microsoftwindows_server_2008Matchsp2x64

microsoftwindows_vistax64

microsoftwindows_vistasp1

microsoftwindows_vistasp2

microsoftwindows_xpsp2

microsoftwindows_xpsp3

References

osvdb.org/54942

secunia.com/advisories/35372

www.securityfocus.com/bid/35240

www.securitytracker.com/id?1022359

www.us-cert.gov/cas/techalerts/TA09-160A.html

www.vupen.com/english/advisories/2009/1544

docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-025

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5912

CVSS2

7.2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

AI Score

6.2

Confidence

Low

EPSS

Percentile

0.4%

JSON

Related for NVD:CVE-2009-1125

prion1 cve1 cvelist1 seebug1 securityvulns2 nessus1 openvas2